KLA10882 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

1. An improper memory objects handling at Microsoft Video Control can be exploited remotely via a specially designed file or application to execute arbitrary code;
2. An improper memory objects handling at kernel-mode driver ca be exploited by logged in attacker via a specially designed application to gain privileges;
3. An improper memory objects handling at Windows Transaction Manager can be exploited by logged in attacker via a specially designed application to gain privileges;
4. Lack of registry access restrictions at Windows Kernel API can be exploited by logged in attacker via a specially designed application to obtain sensitive information;
5. Lack of input sanitization at Windows Diagnostics Hub Standard Collector Service can be exploited by logged in attacker to gain privileges;
6. An improper memory objects handling at Internet Messaging API can be exploited remotely via a specially designed content to obtain sensitive information.

Original advisories

CVE-2016-3270

CVE-2016-3263

CVE-2016-3209

CVE-2016-3262

CVE-2016-7182

CVE-2016-3396

CVE-2016-3393

CVE-2016-3298

CVE-2016-3376

CVE-2016-3341

CVE-2016-3266

CVE-2016-0070

CVE-2016-0073

CVE-2016-0075

CVE-2016-0079

CVE-2016-0142

CVE-2016-7211

CVE-2016-7188

CVE-2016-7185

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows-Vista-4

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2016-3270 critical

CVE-2016-3263 warning

CVE-2016-3209 warning

CVE-2016-3262 warning

CVE-2016-7182 critical

CVE-2016-3396 critical

CVE-2016-3393 critical

CVE-2016-3298 warning

CVE-2016-3376 critical

CVE-2016-3341 critical

CVE-2016-3266 critical

CVE-2016-0070 warning

CVE-2016-0073 warning

CVE-2016-0075 warning

CVE-2016-0079 warning

CVE-2016-0142 critical

CVE-2016-7211 high

CVE-2016-7188 high

CVE-2016-7185 high

KB list

4038788

3183431

3192441

3191203

3190847

3194798

3191256

3192440

3185331

3193515

3185332

3192393

3192392

3200970

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Microsoft Windows 10 1511, 1607Microsoft Windows Vista Service Pack 2Microsoft Windows Server 2008 Service Pack 2Microsoft Windows 7 Service Pack 1Microsoft Windows Server 2008 R2 Service Pack 1Microsoft Windows 8.1Microsoft Windows Server 2012Microsoft Windows Server 2012 R2Microsoft Windows RT 8.1Microsoft Windows 10